Trend Micro™ DEEP DISCOVERY™ FAMILY


Advanced threat protection against targeted attacks 


INTRODUCTION

Targeted attacks and advanced threats are customized to evade your conventional security defenses. They remain
hidden while stealing your corporate data, intellectual property, and communications or encrypting critical data
until ransom demands are met. To detect targeted attacks and advanced threats, analysts and security experts agree
that organizations should use advanced detection technology as part of an expanded strategy to address today's
evasive threats.

Trend Micro™ Deep Discovery™ is a family of advanced threat protection products that enables you to detect, analyze,
and respond to today's stealthy, targeted attacks. Deep Discovery blends specialized detection engines, custom
sandboxing, and global threat intelligence from Trend Micro™ Smart Protection Network™, providing the highest
detection rate possible against attacks that are invisible to standard security products. Deployed individually or
as an integrated solution, Deep Discovery works with Trend Micro and third-party products to provide advanced
threat protection across your organization.

Key Benefits

Unique threat detection technologies discover attacks before the damage is done.

Intelligence for a rapid response. Deep Discovery and global threat intelligence drive a rapid and effective
response.

Integration of your defenses. Deep Discovery integrates with your Trend Micro and third-party security tools to
help prevent successful targeted attacks.

Trend Micro Network One™ solutions provide a blend of cross-generational techniques that apply the right technology
at the right time. Trend Micro™ TippingPoint™ intrusion prevention system (IPS) and Deep Discovery advanced threat
protection work closely together to deliver integrated detection and prevention of known, unknown, and undisclosed
threats.





Protection from integrated threats 

Trend Micro™ Deep Discovery™ Inspector is a network appliance that monitors network traffic across all ports and
more than 100 protocols and applications. Using specialized detection engines and custom sandboxing, it identifies
the malware, command and control communications (C&C), and activities signaling an attempted attack. Detection
intelligence aids your rapid response and is automatically shared with your other security products to block
further attacks.

Trend Micro™ Deep Discovery™ Analyzer is an open custom sandbox analysis server that enhances the malware detection
capabilities of all your security solutions. Deep Discovery Analyzer supports out-of-the-box integration with many
Trend Micro platforms, manual sample submission, and provides an open web services interface to allow any solution
or process to submit samples and obtain results. It also offers added sandboxing for other Deep Discovery solutions
and extends the value of Trend Micro and other security products.

Trend Micro™ Deep Discovery™ Director is an on-premises orchestration that enables centralized deployment of
solution and sandbox updates, with smart threat investigation on top of an enterprise-ready deployment
architecture. This virtual appliance can also be your central point for advanced threat sharing. Using
standards-based formats (STIX and YARA) and transfers (TAXII) it will pull threat information from several sources
and share the indicators of compromise (IoC) with Trend Micro and third-party products.

Trend Micro™ XDR for Networks provides prioritized visibility into an attack. Leveraging Deep Discovery Inspector
detection and network metadata collection points, XDR for Networks utilizes expert rules to correlate and connect
threat detection events against network access events, presenting threat investigators with a complete view of the
attack lifecycle.

Trend Micro™ Deep Discovery™ Analyzer as a Service is an add-on to the virtual Deep Discovery Inspector and Trend
Micro Apex One™ as a Service to provide cloud sandboxing capabilities. For environments that require a virtual form
factor and cloud-based sandboxing, this solution will provide protection from advanced threats and targeted attacks.

Managed Detection and Response

Let Trend Micro security experts and industry-leading artificial intelligence help you monitor and prioritize
threats with Trend Micro™ Managed XDR. Trend Micro analysts will monitor, investigate, and provide a response to
advanced threats discovered by Deep Discovery Inspector on a 24/7 basis. Managed XDR doesn't stop at the network
layer, it extends across email, endpoints, servers, and cloud workloads. By monitoring and correlating more threat
vectors, it has broader context and can provide better detection.


CAPABILITIES 


Network content inspection. Deep Discovery Inspector monitors all traffic across physical and virtual network segments, all 
network ports, and more than 100 network protocols to identify targeted attacks, advanced threats, and ransomware. Our 
agnostic approach to network traffic enables Deep Discovery to detect targeted attacks, advanced threats, and ransomware 
from inbound and outbound network traffic, as well as lateral movement, C&C, and other attacker behavior across all phases 
of the attack lifecycle.

Extensive detection techniques use file, web, IP, mobile application reputation, heuristic analysis, advanced threat scanning, 
custom sandbox analysis, and correlated threat intelligence to detect ransomware, zero-day exploits, advanced malware, and 
attacker behavior. 

Custom sandbox analysis uses virtual images tuned to precisely match an organization's system configurations, drivers,
installed applications, and language versions. This approach improves the detection rate of advanced threats and
ransomware designed to evade standard virtual images.

Flexible deployment. Deep Discovery Analyzer can be deployed as a standalone sandbox or in parallel with a larger Deep
Discovery Inspector deployment to add additional sandbox capacity. It is scalable to support up to 60 sandboxes in a single 
appliance. Multiple appliances can be clustered for high availability or configured for a hot or cold backup. 


Deep Discovery Inspector is available as either a hardware appliance or a virtual appliance to help meet your deployment
objectives and needs. 


XDR for Networks/Trend Micro™ Deep Discovery™ Network Analytics is available as a SaaS solution that takes full advantage
of extended detection and response (XDR). It is also available as an on-premises solution via virtual server or a physical 
device. 


Advanced detection with methods such as static analysis, heuristic analysis, behavior analysis, web reputation, and
file reputation ensures threats are discovered quickly. Deep Discovery also detects multi-stage malicious files, outbound
connections, and repeated C&C from suspicious files. 


Threat intelligence. Deep Discovery will correlate and share advanced threat intelligence using standards-based formats 
and transports like STIX/TAXII and YARA. This enables organizations to stay ahead of unknown threats that may breach the 
network. 





Threat Analytics will give you greater visibility into an attack, helping you prioritize the threats and showing how the threat
breached the network, where it went from there, and who else has been impacted by the attack. Press play and watch the 
entire attack play out step by step. 





Integration. Deep Discovery is purpose-built to work with Trend Micro solutions as well as third-party products. With native 
integration and a multitude of APIs, Deep Discovery will help automate security response, IoC sharing, and prevention of
advanced threats and targeted attacks. 





BOLSTERING THE SOC 


Security professionals need to understand the threat landscape. They need to know when threats are breaking and 
how to stop them. A thankless job, but one that is incredibly valuable. To help members of the SOC and other security 
professionals stay ahead of the latest threats, Deep Discovery will ingest the latest advanced threat intelligence or IoCs,
using standards-based formats and transfers (STIX/TAXII and YARA) from threat feeds and custom inputs. It will then
share the IoCs with Trend Micro and third-party solutions within the network. By creating this IoC exchange, you will be
able to improve your time to detect advanced threats, as all of the connected products will be able to detect and block 
the previously unknown threats. 

Trend Micro Control Manager™


Connected Threat Defense 


Deep Discovery Analyzer, more commonly known as a pure sandbox, will automatically take IoCs from other security
products, detonate, analyze the threat, and automatically send the results back for further action. Deep Discovery
Analyzer can also help security analysts or threat hunters by accepting manual submissions of potential threats. This
simplifies the analysis by providing a definitive answer to potential threats and suspicious objects.

PRIORITIZATION AND SIMPLIFICATION


Security products are great at detecting, alerting, and blocking threats trying to attack 
the organization. The downside is they produce a lot of data, some of it relevant, some 
of it not. It is up to the security professional in the organization to comb through the 
potential thousands of alerts or logs each day to determine what is actually a threat 
and if they need to respond. 


[Figure: Trend Micro XDR]


On the easy-to-read Sankey diagram (see above), you will be able to see every 
step of the attack play out, dating back six months. XDR for Networks sequentially 
extracts metadata from the network traffic and correlates the events in a graph 
database for real-time visibility. This provides faster resolution with fewer people 
involved and gives you a bigger picture of the full attack. In some cases, you may 
think the attack started today, but in fact, the initial breach happened weeks ago. 
XDR for Networks will correlate the data and map out every step of the attack, 
giving you a better idea of how to respond and how to prevent future attacks. 








A KEY PART OF TREND MICRO VISION ONE™ 


Trend Micro defines XDR as extended detection and response, breaking down the silos 
between email, endpoints, servers, cloud workloads, and networks. It offers broader 
visibility and expert security analytics, leading to fewer alerts and higher-confidence 
detection for an earlier, faster response. With Trend Micro Vision One, you can identify 
and respond more effectively and efficiently to threats, minimizing the severity
and scope of an attack on the organization. Deep Discovery Inspector and XDR for
Networks are valuable parts of the Trend Micro Vision One platform, providing critical
logs and visibility into unmanaged systems, such as contractor/third-party systems,
internet of things (IoT) and industrial internet of things (IIoT) devices, printers, and
bring-your-own-device (BYOD) systems. 

To help prioritize and simplify the attack data, XDR for Networks will show you:

What was the first point of entry of the attack?

Who else in the organization has been impacted by the attack?

Where was the threat calling out to? (C&C communication)













